Sorry to hear you don't know how to wipe your screen or that your friends can't come up with a complex pattern. And sorry to hear you blame the locking mechanism because the idiotic user didn't know how to connect the dots. Wow! Like I said, Denial is a helluva drug.

In the end I say don't worry what me or others think about this ridiculous gimmick. The inconvenience of having to constantly take your gloves off is enough reason to not want to use it. Come this winter, anyone with a GS4 can happily swipe in their pattern lock and never have to take be inconvenienced with taking off their gloves. Samsung was smart enough to know this. Apple? Not so much.

Oh my.. Stop with the glove point, we've already both agreed on it, so shut up, just being a condescending prick now.

You point out that I don't know how to wipe a device clean? Are you mentally challenged?

I've done it with cleaners, micro-fibre cloths, shirts, pants, everything. And nothing has worked, so that point falls..

They had very complex patterns, but clearly you don't think so, which is fine by me...

"DENIAL IS A HELLUVA DRUG"... LOL. Yeah, you bloody hypocrite. You call be being in denial, yet when I point out perfectly logical points, you just say I'm in denial simply because you are? Get over yourself. That reflection ain't pretty.

You point out that Samsung thinks of things.. Yeah, so true. Like how they thought a 2500 MAh battery is enough for a 5.3 HD screen? Or how a dual core with a gig of RAM is enough for Android. Or how about those screen issues? Yeah, certainly SAMSUNG is the CLEAR CUT winner in QUALITY. Lol, please, get off AI. Clearly all you've done is join simply because you wanted to point out a finger unlock pattern is better. Yes, it is better is some cases, and it's worse in some cases... like with EVERYTHING.

Sorry, best and easiest way is the pattern unlock that android uses. Apple should have put more money towards a better user experience, bigger and better screen, and better hardware overall. The fingerprint lock is useless in winter. What a hassle to keep taking off gloves to unlock my phone. I like what Nokia and Samsung did with the touchscreens that work with gloves. Get on it Apple. Stop these stupid gimmicks.

Well, fingerprints are convenient but you don't have to use your fingers, You understand that you can use any part of your body, even parts that are illegal to expose in public in most countries. Although I guess using those parts might keep the Germans from lifting the print where they are used. LOL.

Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger. This is much better than the 1 in 10,000 odds of guessing a typical 4-digit passcode. Although some passcodes, like "1234", may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern. Instead, the 1 in 50,000 probability means it requires trying up to 50,000 different fingerprints until potentially finding a random match. But Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you cannot proceed until doing so.

To configure Touch ID, you must first set up a passcode. Touch ID is designed to minimize the input of your passcode; but your passcode will be needed for additional security validation, such as:

After restarting your iPhone 5s

When more than 48 hours have elapsed from the last time you unlocked your iPhone 5s

To enter the Passcode & Fingerprint setting

Since security is only as secure as its weakest point, you can choose to increase the security of a 4-digit passcode by using a complex alphanumeric passcode. To do this, go to Settings > General > Passcode & Fingerprint and turn Simple Passcode off. This will allow you to create a longer, more complex passcode that is inherently more secure. Security is further strengthened by using a mixture of uppercase and lowercase letters, numbers, and symbols."

----------------------------------------

If Apple had never revealed how the Touch ID process worked, the individual would not have figured out that he can scan his own fingerprint, elevate the ridges onto a surface, place the surface on another finger, and then use the other finger's "living tissue" beneath the "fake epidermal fingerprint layer", to activate the Touch ID with his own 4-digit pass code.

The staged video simply demonstrates that the technology works as advertised, in that the scanner read the correct fingerprint pattern, and that the overlay was placed on the finger of a living person.

According to this article, the ONLY way a fingerprint pattern was replicated was with a DIRECT FINGER TO GLASS PLATE 2400 DPI HIGH RESOLUTION SCAN ON A FLATBED SCANNER.

Which means that he couldn't lift a fingerprint directly off of the iPhone 5s itself, because the light from the scanner would have refracted when coming into contact with the sapphire crystal glass.

In other words, take a mirror, and place a clear fingerprint on it, and scan the mirror.

Light reflected on itself would wash out the image the same way you photograph a white wall with flash.

The bottom line is that the individual didn't crack the Touch ID with his own fingerprint and 4 digit pass code; and he couldn't crack the Touch ID because the scanner worked as advertised.

Want to know why I joined AI? Because I wanted to show to the world the debunking of this stupid german video.

You may as well copyright that freaking saying, or maybe you are on drugs, you just keep repeating it. Also, another point is that you haven't even attacked any of my points, seem like we agree on my terms. Thanks for bringing along the stupid android joyride that is Ramrod.

Now, get out child, you don't belong here. Maybe one of those fandroid sites will do you well, just like AI does it's own Apple fanatics well.

Honestly? Do you live in a bubble? WTF? Just because you're fine with not using gloves in the winter doesn't mean the rest of us are. The overwhelming population in North America alone (forget the rest of the world for a second) wears gloves in the winter.
And YES there are gloves out there that work with TOUCHSREENS (not just iPhones), but these gloves don't work with the Touch ID. That's what the discussion is. Are you so bent on wanting everyone to love the Touch ID that you could not see this point? One more time now, the point of mentioning gloves was to point out they do not work with the TOUCH ID. Can't believe I had to actually point this out. Dang!

Well if that becomes such a problem for people in cold climates then turn touch id off and go back to passcode. It's not like Apple ever claimed touch id would work with gloves. And I hardly think its a reason not to implement it. I would guess the vast majority of people use their iPhone without gloves.

Honestly? Do you live in a bubble? WTF? Just because you're fine with not using gloves in the winter doesn't mean the rest of us are. The overwhelming population in North America alone (forget the rest of the world for a second) wears gloves in the winter.
And YES there are gloves out there that work with TOUCHSREENS (not just iPhones), but these gloves don't work with the Touch ID. That's what the discussion is. Are you so bent on wanting everyone to love the Touch ID that you could not see this point? One more time now, the point of mentioning gloves was to point out they do not work with the TOUCH ID. Can't believe I had to actually point this out. Dang!

Well if that becomes such a problem for people in cold climates then turn touch id off and go back to passcode. It's not like Apple ever claimed touch id would work with gloves. And I hardly think its a reason not to implement it. I would guess the vast majority of people use their iPhone without gloves.

"It's not like Apple ever claimed touch id would work with gloves", no but they DO claim that it is highly secure, which now seems to be uncertain at best, and untrue at worst.

Sorry, best and easiest way is the pattern unlock that android uses. Apple should have put more money towards a better user experience, bigger and better screen, and better hardware overall. The fingerprint lock is useless in winter. What a hassle to keep taking off gloves to unlock my phone. I like what Nokia and Samsung did with the touchscreens that work with gloves. Get on it Apple. Stop these stupid gimmicks.

Sorry, but when it is too cold, a normal person's first priority is to find a warm place is what I have heard. And I don't think even homeless people are always outdoors during winter. Its all good trying to find some silly anti-sentiment from a corner, but we will have to apply all these factors into real world scenarios. Let us be practical. TouchID not allowing gloves is your complaint? Really?

I don't give a shlt why you joined. lol. Seriously kid, don't get so upset because the Touch ID was bypassed. You sound like you're about to bust a nut. You can still buy an iPhone and nobody will care either way. Just don't ever wear gloves. lol.

One more for the road, say it with me now, Denial Is A Helluva Drug.

If you don't care about why I joined AI.. then why are you laughing at me for saying you only joined to point out an Android feature on an Apple website...

My debunking clearly states this video was a serious con, and it seems you were fooled by it. Don't be intimidated by such people. And I don't ever wear gloves.. so that point is useless to me.. Damn you're conceited

"It's not like Apple ever claimed touch id would work with gloves", no but they DO claim that it is highly secure, which now seems to be uncertain at best, and untrue at worst.

How is it untrue? No one has accessed the secure enclave inside the A7 chip. This "hack" appears to have been done in a controlled environment and hasn't been replicated or independently verified by anyone. Also there doesn't appear to be an unedited video from start to finish showing how this was accomplished. Sorry for now I trust Apple's word over some YouTube video that hasn't been independently verified and replicated.

While the process is somewhat complex, the thinking behind it is straightforward. In this case, a high-resolution 2400 dpi photo of a user's fingerprint was harvested from a glass surface using graphite dust or cyanoacrylate (the main ingredient in Super Glue) and a camera. The resulting image was cleaned up and inverted with photo editing software, then laser printed at 1200 dpi onto a transparent sheet.

To create the fake fingerprint, pink latex milk or white wood glue is laid over the printout and allowed to set. Once cured, the dummy can be peeled off the transparency, breathed on to produce a thin layer of moisture, and applied to a finger. This will grant access to a Touch ID protected device, CCC claims.

“Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either, would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?”

Originally Posted byMacHarry de

OK,is it possible to return the new iPhone 5s to Apple until this hard issue is solved?

Cue (look at that, I used it correctly) hundreds of paid Samsungers spewing that all over every Apple site.

Originally Posted byRamrod

Says the person who just joined AI.

Are you really in any sort of position to be pulling this (perpetually meaningless) card?

How is it untrue? No one has accessed the secure enclave inside the A7 chip. This "hack" appears to have been done in a controlled environment and hasn't been replicated or independently verified by anyone. Also there doesn't appear to be an unedited video from start to finish showing how this was accomplished. Sorry for now I trust Apple's word over some YouTube video that hasn't been independently verified and replicated.

One of the security directors at DefCon claims to have replicated the process already.

"So﻿ tell me who is going to get a 2400 dpi picture of my finger...then print a 1200 dpi picture, after touching it up in photoshop. Then putting it on some kind of printed latex? The f..k?"

Then you also have to add graphite, clean up the image again, add super glue and transfer it to thin transparent film, then put the film onto the Touch ID screen with your live finger which Touch ID previously learned.

Just go somewhere and relax, you rude zealot! I'm not going anywhere, and while I'm an Apple fan, I'm not going to shut up when they make the occasional mistake.

Except it's not a mistake. And rudeness is all some people understand when they make ridiculous statements. And since, from another thread, you already have your 5s we must assume you will continue to use the LESS secure 4 digit PIN instead of Touch ID. To do otherwise would be incredibly hypocritical of you.

Assuming that the screen for setting up a second finger is the same as the first...

1. Notice he doesn't try the middle (unlocking) finger FIRST, to show that it CANNOT unlock the phone by itself.
2. Thus, the film he puts on his finger could be anything, because the middle finger could already be set up to unlock. The phone unlocks because it might already be set up.

And that doesn't even address if it's possible to get a complete enough print on a phone surface to photograph at the 2400dpi. Doubtful.

By the time a thief steals my phone, and SOMEHOW also gets my fingerprint (OK, maybe there's one unsmudged print left on my phone, but odds are 1-in-10 that it's my recorded print), and scans it at 2400dpi, prints it with a good printer at very high resolution, puts a layer of latex over it and WAITS for that to dry, I will have already set a passcode and/or wiped the phone. Not to mention I have activation lock enabled so he (or anyone he sells it to) would need my passcode to activate it.

Not worried. It's more than enough protection for little ole me.

Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.

Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!

There's so many falsities in your moronic, mindless troll post, that one does not know where to start.
"Best and easiest"? Really? Easier than leaving my finger on the home button for a fraction of a second after clicking it? How the **** does that NOT improve user experience? Do you even know what that word means? Touch ID will be used hundreds of times a day by hundreds of millions of people. That does not qualify as a "gimmick".
Better quality screen? Scientific tests have shown that the iPhone 5/5s screen is literally the best in the industry, by a dozen or so metrics. Larger? Thats simply your personal preference.

The only gimmick is your post, which is asinine on so many levels. I have a Nexus 4. No, the pattern unlock is not the be-all-and-end-all of security. After getting used to touch ID, it seems like an obsolete, stone-age hassle.

Again, what about the gloves in the winter time? Yeah, didn't think you cared to address that issue. Hmm.....

Unless you are one if the 10 people to buy capacitive gloves, your taking one off anyway...

If these "hackers" can show continuous, unedited footage of 11 people using this technique to unlock an iPhone 5S, then there MIGHT be some truth to this. Remember the iPhone's scanner can only remember 10 finger prints at one time. In my opinion, these CCC guys are just out to make a quick name for themselves and there's no truth to their claims. It looks to me that the fake finger print is not any thicker than a piece of scotch tape and the "hacker's" finger is being read through the fake finger print scan.

If there is truth to it, then Apple has some BIG questions to answer. You can't dismiss this hack and argue that Apple is at no fault because of the default pass code protection (again, should it be true). Apple, being the maker of the world's best products (in my opinion), is widely in the public eye with their finger print technology and public trust is a very important thing to not betray in the consumer's eye.

“Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either,
would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?

Could you possibly learn to read? You don't need to take a picture of the original fingerprint (I.e., the finger). You leave fingerprints all over the place. He'll, I wouldn't be surprised if you could lift the needed print from the TouchID sensor itself. Or how about this simple scenario: "Hey Ted, you done with that bottled water? I'll throw it out for you." Simple.

And latex milk? How about simple wood glue? Or are there no home improvement stores, Walmarts, Targets, are any of the dozens of other stores that carry such a product in your version of the universe?

There isn't anything exotic needed for this security bypass despite your ridiculous need to make it seem that way. Yes, TouchID is a good deterrent for the common thief, but anyone who's going to go to this level is going to be set up with the commonly available gear required to pull it off quickly and easily.

Yes, actually I HAVE successfully unlocked my friend's phones with looking at the oil pattern. It doesn't take an idiot. An easy swipe to get rid of it? Please. My GNote keeps those oil marks on there even if I wipe it... So that point falls.

Give one reason why anyone would believe an anonymous poster claiming to do what you claim?

If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.

I think the concern is not so much about the phone as the data on it and the ability to spend money with the phone (if there's a wallet account linked to it). My phone's insured with a modest deductible; I suspect that a lot of people (albeit maybe not most) with phones this expensive have some form of insurance cover. But the insurance doesn't protect you against data or identity theft. This is especially a worry for people who are using their phone for corporate stuff.

Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.

Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!

Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.

You know, you could also cut off the person's finger and consider it a "hack". Really? Everything is crackable if you put enough thought and time into it. Serious, what is on someone's phone that would require going through that kind of process and... if I noticed my phone was missing, I'd put it on lock down requiring a passcode anyway.

Once thing they didn't cover is... TouchID can be programmed with up to five codes. So whose to say that the CSI staff that are doing this have the correct finger print? You have 10 fingers you know...

Give one reason why anyone would believe an anonymous poster claiming to do what you claim?

I've done it before.. I've done it with my friend's phones.. Just tell them you want to check out their phone if it has a pattern unlock, and boom lol. You're in. Not that hard. It's not impossible to do it..

Touch ID was designed to keep your wife from reading txt messages from your girlfriend while you are in the shower. If she suddenly orders a 2400 dpi laser film printer and a high resolution camera with a macro lens, then you might have something to worry about.

Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.

I made a specific statistical claim -- a testable hypothesis even -- and then pointed out that you can be sure that the correct fingerprint (or whateverprint) is available in a specific place -- again a testable hypothesis. Conspiracy theories tend not be testable.

I didn't say that the guys in the video could actually make it work. I advanced some testable considerations that I think are likely to be true if their method works.

In any case, your responses in this thread suggest that you're a more than a little overwrought over this issue. And impolite.

If this had been a stolen phone this hack would not have worked because the finger print would have been invalidated in 48 hours. Buyng your own phone and then take your sweet time to fake your own finger to crack it is not impressive.

By the time you fake a fingerprint for a stolen iPhone, the police would have located your with "Find my iPhone".

Take yourself and your "This is not good for Apple" nonsense and jump off a bridge. Apple never said anything remotely indicating this was unbeatable. YOU and your ilk blew it up into something it wasn't. You tell me which is easier to hack, a 4 digit PIN or Touch ID. You tell me how ANY device is secure once someone has physical possession of it. YOU tell me how your ex-wife or girlfriend is going to do this. YOU tell me how the common thief is going to accomplish this. It's a step UP from the PIN and not a gimmick. Lots of people run around with no lock code at all because they don't like punching numbers. Touch ID will let them have some real security because it's easy to use.

I'll tell you what. When I get my iPhone 5s I'll let you have it and YOU into it hack it. And let's put some serious money up too. Otherwise shut up.

Just go away and play with yourself.

PED should quote this verbatim on CNN Money.

From Apple ][ - to new Mac Pro I've owned them all.Long on AAPL so biased"Google doesn't sell you anything, Google just sells you!"

Let me first start out by bringing out the fact that this sensor DOES scan the sub epidermal layers of your skin(which means it scans multiple layers of your skin to ensure it's yours).

Keep that fact in mind..

Now, when watching the video, you can see the person obviously successfully registering his finger print(his index finger), and it works quite well and very fast.

Then look at the finger print he copied. Notice how he used the same print, from the same finger, on the same person? Interesting.. Let's see where this is going..

Now, the sensor works by detecting your finger touching the steel band, so it's capacitive. When he puts the paper on the sensor, it clearly does nothing, but when he puts the SAME finger that he used for the print.. It magically unlocks. Why?

The sensor is reading the print through multiple layers, it is merely treating the paper as another layer of skin, therefore, it unlocks.

Until I see this German folk do the same thing, with a different print copied, and use another different person who is using a different finger to "fake" this, I call BS.

I'm not as easily conned by them, and just for a side note, it seems all they're doing is scamming the people who are offering bounties for this. Being a computer club full of guys, imagine what they would buy $16k worth of..

Debunked, and I'll be using the sensor because so far, it has not been hacked/faked.

Congratulations to the submitter that said in the time it would take to go through the proces the phone would be wiped. Correct me if I'm wrong. The person who cracks the phone shouldn't be able to gain access unless he or she has the ID and the passcode.

The way I understood it when presented at the keynote was that it reads the print on the surface of the skin as well as penetrating deeper into the skin to ensure the print could not be faked.

I don't write this to attack Apple. I write this to know if any of you can explain in technical detail how Apple's sensor reads sub-epidermal details of one's finger.

Or could this be a bug that prevents the sub-epidermal scan from taking place?

Thanks.

It's already established that you can, for example, read somebody's pulse from a cell phone camera, by sensing very rapid changes in skin tone. And that's from several feet away. It wouldn't surprise me if the sensor can read through a bit of skin. Skin is translucent, after all.

Now, as to what exactly they're measuring under the skin (e.g. what skin structures or formations under there are stable enough to reliably detect over time), I have no idea. But I doubt Apple would say it if it's just not true at all.

Yes, but Apple wanted much more from this technology over the long run. That seems to be quashed now.

Not necessarily. Fingerprint recognition in connection with retina scans or some other technique can still work. I agree, though, that companies may be spooked out of allowing Touch ID instead of a pass code on their enterprise profiles. The silly thing, though, is that pass codes can be deduced by looking at where the fingerprints or wear is on the screen.

It's already established that you can, for example, read somebody's pulse from a cell phone camera, by sensing very rapid changes in skin tone. And that's from several feet away. It wouldn't surprise me if the sensor can read through a bit of skin. Skin is translucent, after all.

Now, as to what exactly they're measuring under the skin (e.g. what skin structures or formations under there are stable enough to reliably detect over time), I have no idea. But I doubt Apple would say it if it's just not true at all.

Probably the sub-epidurmal stuff is meant to make it quicker to read fingerprints. Remember the remarkable thing about Touch ID is its accuracy. I always had issues with fingerprint recognition systems in the past.